- 306 - 



CLAIMS 



1 . A privilege management system for managing service 
reception privileges of user devices; 
5 wherein a user device which is a service reception 

entity holds a group attribute certificate which has, as ^ 
stored information, group identification information 
corresponding to a group which is a set of certain devices 
or certain users, and also has affixed an electronic 

10 signature of an issuer; 

and wherein a service provider which is a service 
providing entity has a configuration for executing 
verification, by means of signature verification, of the 
group attribute certificate presented from said user device 

15 regarding whether or not there has been tampering, 

performing screening regarding whether or not this is a / 
service-permitted group based on group identification 
information stored in said group attribute certificate, and 
executing determination regarding whether or not service can 

20 be provided, based on said screening. 



2. A privilege management system according to Claim 1, 
wherein said group attributes certificate is a certificate 
issued to a user device corresponding to a device or a user, 
2 5 under the conditions that mutual authentication is 
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established between a group attributes certificate issuing 
entity and the user device, and that the device or user to 
which the certificate is to be issued is following an 
issuance policy permitted by said service provider. 

5 

3. A privilege management system according to Claim 1, 
wherein the issuing processing for a new group attributes 
certificate is of a configuration carried out under the 
condition that verification is established at the group 

10 attributes certificate issuing entity regarding an already- 
issued group attributes certificate which the user device 
already holds. 

4. A privilege management system according to Claim 1, 
15 wherein said service provider is of a configuration having a 

group information database wherein said group identifier and 
permitted service information for members belonging to the 
group are correlated, wherein said group information 
database is searched based on the group identification 
2 0 information stored in said group attributes certificate 

presented by said user device, and determining processing 
regarding whether or not service can be provided is executed. 

5. A privilege management system according to Claim 1, 
25 wherein said service provider is of a configuration wherein 
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screening regarding whether or not the object of service 
permission is executed for each of a plurality of sets of 
different group identification information obtained from a 
plurality of group attribute certificates based on a 
5 plurality of different group definitions presented by said 
user device, and determining processing regarding whether or 
not service can be provided is executed under the condition 
that all group identification sets are the object of service 
permission . 

10 

6. A privilege management system according to Claim 1, 
wherein said service provider is of a configuration wherein 
screening regarding whether or not the object of service 
permission is executed for first group identification 

15 information obtained from a first group attribute 

certificate based on group definitions from said user device 
wherein devices are group members, and screening regarding 
whether or not the object of service permission is executed 
for second group identification information obtained from a 

20 second group attribute certificate based on group 

definitions from said user device wherein devices are group 
users, and determining processing regarding whether or not 
service can be provided is executed under the condition that 
all group identification sets are the object of service 

25 permission. 
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7. A privilege management system according to Claim 1, 
wherein said user device is of a configuration including an 
end entity as a device for executing communication with said 
5 service provider, and a user identification device as an 
individual identification device; 

wherein said group attribute certificate is issued 
individually to each of said end entity and user 
identification device, with issuing processing being carried 
10 out under the condition that mutual authentication has been 
established between the group attribute certificate issuing 
entity and said end entity or said user identification 
device . 

15 8. A privilege management system according to Claim 1, 

of a configuration wherein said group attribute certificate 
is an attribute certificate issued by an attribute authority, 
and a group identifier is stored in an attribute information 
filed within the attribute certificate. 

20 

9. A privilege management system according to Claim 1, 
wherein said group attribute certificate is of a 
configuration storing link information regarding a public 
key certificate corresponding to said group attribute 
25 certificate; 



# 
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and wherein said service provider is of a configuration 
wherein verification of the public key certificate obtained 
by said link information is also executed at the time of 
performing verification of said group attribute certificate. 

5 

10. An information processing device for executing 
data processing as service providing processing, comprising: 

a data reception unit for receiving a group attribute 
certificate which has, as stored information, group 

10 identification information corresponding to a group which is 
a set of certain devices or certain users, and also has 
affixed an electronic signature of an issuer; and 

a group attribute certificate verification processing 
unit for executing verification, by means of signature 

15 verification, of the group attribute certificate regarding 
whether or not there has been tampering, performing 
screening regarding whether or not this is a service- 
permitted group based on group identification information 
stored in said group attribute certificate, and executing 

2 0 determination regarding whether or not service can be 
provided, based on said screening. 



11. An information processing device according to 
Claim 10, of a configuration further comprising a group 
25 information database wherein said group identifier and 
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permitted service information for members belonging to the 
group are correlated; 

wherein said group attribute certificate verification 
processing unit searches said group information database 
based on the group identification information stored in said 
group attributes certificate presented by said user device, 
and executes determining processing regarding whether or not 
service can be provided. 

12 . An information processing device according to 
Claim 10, wherein said group attribute certificate 
verification processing unit is of a configuration wherein 
screening regarding whether or not the object of service 
permission is executed for each of a plurality of sets of 
different group identification information obtained from a 
plurality of group attribute certificates based on a 
plurality of different group definitions presented by said 
user device, and determining processing regarding whether or 
not service can be provided is executed. 

13. A privilege management method for managing service 
reception privileges of user devices, comprising: 

as an execution step at a user device which is a 
service reception entity, a step for transmitting to a 
service provider which is a service providing entity a group 
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attribute certificate which has, as stored information, 
group identification information corresponding to a group 
which is a set of certain devices or certain users, and also 
has affixed an electronic signature of an issuer; 
5 and, as an execution step at said service provider, a 

step for performing verification, by means of signature 
verification, of the group attribute certificate presented 
from said user device regarding whether or not there has 
been tampering, performing screening regarding whether or 
10 not this is a service-permitted group based on group 

identification information stored in said group attribute 
certificate, and executing determination regarding whether 
or not service can be provided, based on said screening. 

15 14. A privilege management method according to Claim 

13, further comprising a group attribute certificate issuing ^ 
processing step for issuing said group attributes 
certificate to a user device corresponding to a device or a 
user; 

20 wherein said group attribute certificate issuing 

processing step is a processing step for issuing the group 
attribute certificate to a user device corresponding to a 
device or a user under the conditions that mutual 
authentication is established between a group attributes 

25 certificate issuing entity and the user device, and that the 
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device or user to which the certificate is to be issued is 
following an issuance policy permitted by said service 
provider . 

5 15. A privilege management method according to Claim 

14, wherein said group attribute certificate issuing 
processing step includes a verification processing step 
regarding an already-issued group attributes certificate 
which the user device already holds, wherein issuing of a 
10 group attributes certificate is carried out under the 
condition that said verification is established. 

16. A privilege management method according to Claim 
13, wherein said service provider is of a configuration 

15 having a group information database wherein said group 

identifier and permitted service information for members 
belonging to the group are correlated, wherein said group 
information database is searched based on the group 
identification information stored in said group attributes 

2 0 certificate presented by said user device, and determining 
processing regarding whether or not service can be provided 
is executed. 

17. A privilege management method according to Claim 
25 13, wherein said service provider is of a configuration 
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wherein screening regarding whether or not the object of 
service permission is executed for each of a plurality of 
sets of different group identification information obtained 
from a plurality of group attribute certificates based on a 
5 plurality of different group definitions presented by said 
user device, and determining processing regarding whether or 

( 

not service can be provided is executed under the condition 
that all group identification sets are the object of service 
permission . 

10 

18. A privilege management method according to Claim 
13, wherein at said service provider, screening regarding 
whether or not the object of service permission is executed 
for first group identification information obtained from a 

15 first group attribute certificate based on group definitions 

from said user device wherein devices are group members, and s 
screening regarding whether or not the object of service 
permission is executed for second group identification 
information obtained from a second group attribute 

20 certificate based on group definitions from said user device 
wherein devices are group users, and determining processing 
regarding whether or not service can be provided is executed 
under the condition that all group identification sets are 
the object of service permission. 



25 
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19. A privilege management method according to Claim 
13, wherein said group attribute certificate is of a 
configuration storing link information regarding a public 
key certificate corresponding to said group attribute 

5 certificate; 

and wherein said service provider is of a configuration 
wherein verification of the public key certificate obtained 
by said link information is also executed at the time of 
performing verification of said group attribute certificate. 

10 

20. An information processing method for an 
information processing device for executing data processing 
as service providing processing, said method comprising: 

a certificate reception step for receiving from a 
15 service providing device, a group attribute certificate 
which has, as stored information, group identification 
information corresponding to a group which is a set of 
certain devices or certain users, and also has affixed an 
electronic signature of an issuer, as an attribute 
20 certificate to be applied to service usage privilege 
confirmation processing; and 

a group attribute certificate verification processing 
step for executing verification, by means of signature 
verification of the group attribute certificate, regarding 
2 5 whether or not there has been tampering, performing 
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screening regarding whether or not this is a service- 
permitted group based on group identification information 
stored in said group attribute certificate, and executing 
determination regarding whether or not service can be 
5 provided, based on said screening. 

( 

21. An information processing method according to 
Claim 2 0, said information processing device further 
comprising a group information database wherein said group 

10 identifier and permitted service information for members 

belonging to the group are correlated; 

wherein said group attribute certificate verification 

processing step includes a step for searching said group 

information database based on the group identification 
15 information stored in said group attributes certificate 

presented by said user device, and executing determining 

\ 

processing regarding whether or not service can be provided. 

22. An information processing method according to 
20 Claim 20, wherein said group attribute certificate 

verification processing step includes a step for executing 
screening regarding whether or not the object of service 
permission is executed for each of a plurality of sets of 
different group identification information obtained from a 
25 plurality of group attribute certificates based on a 
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plurality of different group definitions presented by said 
user device, and executing determining processing regarding 
whether or not service can be provided under the condition 
that all group identification sets are the object of service 
5 permission. 

23. A computer program for effecting execution of 
privilege management processing for managing service 
reception privileges of user devices, said program 

10 comprising: 

a certificate reception step for receiving from a 
service providing device, a group attribute certificate 
which has, as stored information, group identification 
information corresponding to a group which is a set of 

15 'certain devices or certain users, and also has affixed an 
electronic signature of an issuer, as an attribute 
certificate to be applied to service usage privilege 
confirmation processing; and 

a group attribute certificate verification processing 

20 step for executing verification, by means of signature 

verification of the group attribute certificate, regarding 
whether or not there has been tampering, performing 
screening regarding whether or not this is a service- 
permitted group based on group identification information 

25 stored in said group attribute certificate, and executing 



• 
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determination regarding whether or not service can be 
provided, based on said screening. 



24. An access privilege management system for 
5 executing access restrictions between communication devices 
having communication functions; 

( 

wherein an access requesting device stores, in storage 
means, a group attribute certificate which has, as stored 
information, group identification information corresponding 

10 to a group which is a set of certain communication devices 
or certain users, and also has affixed an electronic 
signature of an issuer; 

and wherein an access requested device, which is the 
object of an access request from said access requesting 

15 device, executes verification, by means of signature 

verification, of the group attribute certificate presented 
from said access requesting device regarding whether or not 
there has been tampering, performing screening regarding 
whether or not said access requesting device is a device 

2 0 which belongs to an access-permitted group based on group 
identification information stored in said group attribute 
certificate, and executes determination regarding whether or 
not access can be permitted, based on said screening. 

25 25. An access privilege management system according to 
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Claim 24 , wherein said access requested device has a 
configuration for performing screening regarding whether or 
not said access requesting device is an end entity belonging 
to an access-permitted group, based on a group attribute 
5 certificate issued to the end entity which is an access 
executing device making up said access requesting device, 
and executing determination regarding whether or not access 
can be permitted, based on said screening. 

10 2 6. An access privilege management system according to 

Claim 24, wherein said access requested device has a 
configuration for performing screening regarding whether or 
not said access requesting device is a device owned by a 
user belonging to an access-permitted group, based on a 

15 group attribute certificate issued to a user identification 
device which is an individual identification device making 
up said access requesting device, and executing 
determination regarding whether or not access can be 
permitted, based on said screening. 

20 

27. An access privilege management system according to 
Claim 24, of a configuration wherein said access requesting 
device and said access requested device have security chips 
with anti- tampering configurations, with mutual 
25 authentication being executed between the mutual security 
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chips, and wherein, under the condition that mutual 
authentication has been established, said access requested 
device executes signature verification of the group 
attribute certificate presented from said access requesting 
5 device, and screening regarding whether or not the device 
belongs to an access-permitted group. 

( 

28. An access privilege management system according to 
Claim 24, of a configuration wherein said access requested 

10 device receives from a device an issuing request for a group 
attribute certificate certifying that the device is an 
access-permitted group member; 

and wherein, under the conditions that mutual 
authentication between devices has been established and that 

15 the group attribute certificate issue requesting device is 

following an issuance policy permitted by said access ^ 
requested device, issues a group attribute certificate to a 
device corresponding to a device or a user, certifying that 
the device is an access-permitted group member. 

20 

29. An access privilege management system according to 
Claim 24, of a configuration wherein said access requested 
device receives from a device an issuing request for a group 
attribute certificate certifying that the device is an 

25 access-permitted group member; 
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and wherein, under the conditions that mutual 
authentication between devices has been established and that 
verification and screening is established for an already- 
issued group attribute certificate already held by the group 
5 attribute certificate issue requesting device, issues a 

group attribute certificate to a device corresponding to a 

» 

device or a user, certifying that the device is an access- 
permitted group member . 

10 30. An access privilege management system according to 

Claim 24, wherein said group attribute certificate is of a 
configuration storing link information regarding a public 
key certificate corresponding to said group attribute 
certificate; 

15 and wherein said access requesting device is of a 

configuration wherein verification of the public key 
certificate obtained by said link information is also 
executed at the time of performing verification of said 
group attribute certificate. 

20 

31. A communication processing device for executing 
access restriction processing, comprising: 

a reception unit for receiving, from an access 
requesting device, a group attribute certificate which has, 
25 as stored information, group identification information 



- 322 - 

corresponding to a group which is a set of certain 
communication devices or certain users, and also has affixed 
an electronic signature of an issuer; and 

an access privilege determination processing unit for 
5 executing group attribute certificate verification 

processing functions, for executing verification, by means 

( 

of signature verification, of the group attribute 
certificate received from said access requesting device 
regarding whether or not there has been tampering, 

10 performing screening regarding whether or not said access 
requesting device is a device which belongs to an access- 
permitted group based on group identification information 
stored in said group attribute certificate, and executing 
determination regarding whether or not access can be 

15 permitted, based on said screening. 

( 

32 . A communication processing device according to 
Claim 31, wherein said access privilege determination 
processing unit has a configuration for performing screening 

2 0 regarding whether or not said access requesting device is an 
end entity belonging to an access-permitted group, based on 
a group attribute certificate issued to the end entity which 
is an access executing device at said access requesting 
device, and executing determination regarding whether or not 

25 access can be permitted, based on said screening. 
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33. A communication processing device according to 
Claim 31, wherein said access privilege determination 
processing unit has a configuration for performing screening 

5 regarding whether or not said access requesting device is a 
device owned by a user belonging to an access-permitted 
group, based on a group attribute certificate issued to a 
user identification device which is an individual 
identification device making up said access requesting 
10 device, and executing determination regarding whether or not 
access can be permitted, based on said screening. 

34. A communication processing device according to 
Claim 31, comprising an encipherment processing unit for 

15 executing mutual authentication with said access requesting 
device; 

wherein said access privilege determination processing 
unit has a configuration for, under the condition that 
mutual authentication has been established, executing 
20 signature verification of the group attribute certificate 

presented from said access requesting device, and screening 
regarding whether or not the device belongs to an access- 
permitted group. 

25 35. A communication processing device according to 




- 324 - 

Claim 31, further comprising an attribute certificate 
generating unit for generating a group attribute certificate 
which has, as stored information, group identification 
information corresponding to a group which is a set of 
5 certain communication devices or certain users, and also has 
affixed an electronic signature of an issuer. 

36. A communication processing device according to 
Claim 31, wherein said group attribute certificate is of a 

10 configuration storing link information regarding a public 
key certificate corresponding to said group attribute 
certificate; 

and wherein said access privilege determination 
processing unit is of a configuration wherein verification 
15 of the public key certificate obtained by said link 

information is also executed at the time of performing 

V. 

verification of said group attribute certificate. 

37. An access privilege management method for 

2 0 executing access restrictions between communication devices 
having communication functions, said method comprising: 

a step for an access requesting device to transmit to 
an access requested device, which is the object of an access 
request, a group attribute certificate which has, as stored 

25 information, group identification information corresponding 



• 
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to a group which is a set of certain communication devices 
or certain users, and also has affixed an electronic 
signature of an issuer; 

a step for said access requested device to receive the 
5 group attribute certificate presented by said access 
requesting device; 

a screening step for executing verification, by means 
of signature verification, of the group attribute 
certificate presented from said access requesting device 

10 regarding whether or not there has been tampering, and 

performing screening regarding whether or not said access 
requesting device is a device which belongs to an access- 
permitted group based on group identification information 
stored in said group attribute certificate; 

15 and a step for executing determination regarding 

whether or not access can be permitted, based on the 
screening results in said screening step. 

38. An access privilege management method according to 
20 Claim 37, wherein said access requested device performs 

screening regarding whether or not said access requesting 
device is an end entity belonging to an access-permitted 
group, based on a group attribute certificate issued to the 
end entity which is an access executing device at said 
25 access requesting device, and executing determination 
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regarding whether or not access can be permitted, based on 
said screening. 

39. An access privilege management method according to 
5 Claim 37, wherein said access requested device performs 

screening regarding whether or not said access requesting 
device is a device owned by a user belonging to an access- 
permitted group, based on a group attribute certificate 
issued to a user identification device which is an 
10 individual identification device at said access requesting 

device, and executing determination regarding whether or not 
access can be permitted, based on said screening. 

40. An access privilege management method according to 
15 Claim 37, further comprising a mutual authentication 

execution step between security chips with anti-tampering 
configurations of said access requesting device and said 
access requested device; 

wherein, under the condition that mutual authentication 
20 has been established, said access requested device executes 
signature verification of the group attribute certificate 
presented from said access requesting device, and screening 
regarding whether or not the device belongs to an access- 
permitted group . 

25 
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41. An access privilege management method according to 
Claim 37 , further comprising a step for said access 
requested device to receive from a device an issuing request 
for a group attribute certificate certifying that the device 

5 is an access-permitted group member; and 

a step wherein, under the conditions that mutual 
authentication between devices has been established and that 
the group attribute certificate issue requesting device is 
following an issuance policy permitted by said access 
10 requested device, a group attribute certificate is issued to 
a device corresponding to a device or a user. 

42. An access privilege management method according to 
Claim 37, further comprising, as an execution step at said 

15 access requested device in response to an issuing request 
from a device for a group attribute certificate certifying 
that the device is an access-permitted group member, a step 
for executing processing for issuing a group attribute 
certificate to a device corresponding to a device or a user, 

2 0 certifying that the device is an access-permitted group 
member, under the conditions that mutual authentication 
between devices has been established and that verification 
and screening is established for an already-issued group 
attribute certificate already held by the group attribute 

25 certificate issue requesting device. 
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43. An access privilege management method according to 
Claim 37, wherein said group attribute certificate is of a 
configuration storing link information regarding a public 

5 key certificate corresponding to said group attribute 
certificate; 

( 

and wherein said access requesting device is of a 
configuration wherein verification of the public key 
certificate obtained by said link information is also 
10 executed at the time of performing verification of said 
group attribute certificate. 

44. A communication managing method for a 
communication processing device for executing access 

15 restriction processing, said method comprising: 

a reception step for receiving, from an access , 

V 

requesting device, a group attribute certificate which has, 
as stored information, group identification information 
corresponding to a group which is a set of certain 

2 0 communication devices or certain users, and also has affixed 
an electronic signature of an issuer; and 

an access privilege determination processing step for 
executing verification, by means of signature verification, 
of the group attribute certificate received from said access 

2 5 requesting device regarding whether or not there has been 
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tampering, performing screening regarding whether or not 
said access requesting device is a device which belongs to 
an access-permitted group based on group identification 
information stored in said group attribute certificate; and 
5 an access permissible/impermissible determination step 

for executing determination regarding whether or not access 
can be permitted, based on the access privilege 
determination processing results. 

10 45. A communication managing method according to Claim 

44, wherein said access privilege determination processing 
step includes a step performing screening regarding whether 
or not said access requesting device is an end entity 
belonging to an access-permitted group, based on a group 

15 attribute certificate issued to the end entity which is an 
access executing device at said access requesting device. 

46. A communication managing method according to Claim 
44, wherein said access privilege determination processing 

20 step includes a step for performing screening regarding 
whether or not said access requesting device is a device 
owned by a user belonging to an access-permitted group, 
based on a group attribute certificate issued to a user 
identification device which is an individual identification 

25 device making up said access requesting device. 
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47. A communication managing method according to Claim 
44, further comprising an authentication processing step for 
executing mutual authentication with said access requesting 
device; 

wherein, in said access privilege determination 

( 

processing step, signature verification of the group 
attribute certificate presented from said access requesting 
device, and screening regarding whether or not the device 
belongs to an access-permitted group, are executed, under 
the condition that mutual authentication has been 
established. 

48. A communication managing method according to Claim 
15 44, wherein said group attribute certificate is of a 

configuration storing link information regarding a public ,■ 

key certificate corresponding to said group attribute 

certificate; 

and wherein, in said access privilege determination 
20 processing step, verification of the public key certificate 
obtained by said link information is also executed at the 
time of performing verification of said group attribute 
certificate . 



25 



49. A computer program for effecting execution of a 
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communication managing method for a communication processing 
device for executing access restriction processing, said . 
program comprising: 

a reception step for receiving, from an access 
5 requesting device, a group attribute certificate which has, 
as stored information, group identification information 
corresponding to a group which is a set of certain 
communication devices or certain users, and also has affixed 
an electronic signature of an issuer; and 

10 an access privilege determination processing step for 

executing verification, by means of signature verification, 
of the group attribute certificate received from said access 
requesting device regarding whether or not there has been 
tampering, performing screening regarding whether or not 

15 said access requesting device is a device which belongs to 
an access-permitted group based on group identification 
information stored in said group attribute certificate; and 
an access permissible/impermissible determination step 
for executing determination regarding whether or not access 

20 can be permitted, based on the access privilege 
determination processing results. 



25 



50. A data processing system for executing data 
processing accompanied by data communication processing, 
between a plurality of devices capable of mutual 
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communication/ wherein, of said plurality of devices, a data 
processing requesting device, which requests data processing 
to the other device with which communication is being made, 
holds a group attribute certificate which has, as stored 
5 information, group identification information corresponding 
to a group which is a set of certain devices or certain 

. 

users, and also has affixed an electronic signature of an 
issuer, and transmits said group attribute certificate to a 
data processing requested device at the time of data 

10 processing requesting processing; 

and wherein said data processing requested device 
executes verification processing of the received group 
attribute certificate, determines whether or not said data 
processing requesting device has data processing requesting 

15 privileges based on said verification, and executes data 
processing based on determination of privileges. 

51. A data processing system according to Claim 50, 
wherein the group attribute certificate stored in said data 
2 0 processing requesting device has as the issuer thereof the 
data processing requested device, and has affixed the 
electronic signature of the data processing requested 
device; 

and wherein said data processing requested device is of 
25 a configuration for executing electronic signature 
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verification processing applying a public key of itself, as 
verification processing of the received group attribute 
certificate . 



wherein all of said mutually communicable plurality of 
devices are devices which mutually request data processing 
of the other device with which communication is being made, 
with each of the devices having a configuration storing the 

10 group attribute certificate issued by the communication 
party device and transmitting the group attribute 
certificate stored in itself at the time of data processing 
requesting of the other device with which communication is 
being made, and under the condition of verification being 

15 established at the receiving device, processing 

corresponding to the data processing request is mutually 
executed. 



2 0 wherein all of said mutually communicable plurality of 
devices have security chips with anti-tampering 
configurations, with mutual authentication being executed 
between the mutual security chips at the time of data 
processing requesting of the other device with which 

25 communication is being made, and wherein, under the 



5 



52. A data processing system according to Claim 50, 



53. 



A data processing system according to Claim 50, 
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condition that mutual authentication has been established, 
said transmission of group attribute certificates between 
the devices, and verification of the transmitted group 
attribute certificates, is executed. 

5 

54. A data processing system according to Claim 50, 
wherein the group attribute certificate stored in the data 
processing requesting device has as the issuer thereof the 
data processing requested device; 
10 and wherein issuing processing is performed under the 

condition that mutual authentication has been established 
between the data processing requesting device and the data 
processing requested device. 

15 55. A data processing system according to Claim 50, 

wherein, of said mutually communicable plurality of devices, 
at least one or more devices comprise, as a device 
configuration, an end entity for executing communication 
processing with other device and data processing, and a user 

20 identification device having individual identification 

functions capable of exchanging data with said end entity; 

and wherein, in the event that said group attribute 
certificate is issued to members making up a certain user 
group, issuing processing is carried out under the condition 

25 that mutual authentication is established between said user 
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identification device and a group attribute certificate 
issuing processing executing device. 

56, A data processing system according to Claim 50, 
5 wherein> of said mutually communicable plurality of devices, 
one is a maintenance executing device for executing 
maintenance processing for devices; 

and wherein the other devices are service receiving 
device which receive the maintenance service from said 
10 maintenance executing device; 

and wherein said service receiving device stores a 
service attribute certificate which is a group attribute 
certificate issued by said maintenance executing device; 

and wherein said maintenance executing device stores a 
15 control attribute certificate which is a group attribute 
certificate issued by said service receiving device; 

and -wherein said service attribute certificate is 
applied for verification at said maintenance executing 
device that said service receiving device belongs to a group 
2 0 of devices or users having maintenance service receiving 
privileges ; 

and wherein said control attribute certificate is 
applied for verification at said service receiving device 
that said maintenance executing device belongs to a group of 
25 devices or users having maintenance service executing 
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privileges . 

57. A data processing system according to Claim 56, 
wherein a maintenance program executed at said service 

5 receiving device is transmitted to or stored in said service 
receiving device as an enciphered maintenance program; 

and wherein said service receiving device is of a 
configuration for deciphering said enciphered maintenance 
program within a security chip having an anti-tampering 
10 configuration, and then executing on said service receiving 
device . 

58. A data processing system according to Claim 56, 
wherein maintenance processing executed at said service 

15 receiving device is executed based on commands transmitted 
from said maintenance executing device to said service 
receiving device; 

and wherein said service receiving device transmits a 
response to said maintenance executing device for the 

20 execution results of said commands, and said maintenance . 
executing device executes transmission of new commands to 
said service receiving device based on the transmitted 
response . 



25 



59. A data processing device for executing data 
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processing based on data processing requests from a data 
processing requesting device, said data processing device 
comprising : 

a data reception unit for receiving from said data 
5 processing requesting device a group attribute certificate 
which has, as stored information, group identification 
information corresponding to a group which is a set of 
certain devices or certain users and also has affixed an 
electronic signature of an issuer; 

10 a privilege determining processing unit for executing 

verification processing of the received group attribute 
certificate, and determining whether or not said data 
processing requesting device has data processing requesting 
privileges based on said verification; and 

15 a data processing unit for executing data processing 

based on determination of privileges. 

60. A data processing device according to Claim 59, 
wherein said privilege determining processing unit is of a 
20 configuration for executing electronic signature 

verification processing applying a public key of itself, as 
verification processing of the received group attribute 
certificate . 

25 61. A data processing device according to Claim 59, 
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wherein said data processing device has a security chip with 
an anti-tampering configuration and comprising an 
enciphering processing unit; 

and wherein said enciphering processing unit has a 
5 configuration wherein mutual authentication is executed with 
the data processing requesting device in response to a data 
processing request from the data processing requesting 
device; 

and wherein said privilege determining processing unit 
10 is of a configuration for executing verification of the 

group attribute certificate, under the condition that mutual 
authentication has been established. 

62. A data processing device according to Claim 59, 
15 wherein said data processing device is of a configuration 
comprising an attribute certificate generating processing 
unit having functions for generating a group attribute 
certificate which has, as stored information, group 
identification information corresponding to a group which is 
20 a set of certain devices or certain users, and also has 
affixed an electronic signature. 



25 



63. A data processing method for executing data 
processing accompanied by data communication processing, 
between a plurality of devices capable of mutual 
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communication, wherein, of said plurality of devices, a data 
processing requesting device, which requests data processing 
to the other device with which communication is being made, 
executes a step for transmitting, to the other device with 
5 which communication is being made at the time of data 
processing requesting processing, a group attribute 
certificate which has, as stored information, group 
identification information corresponding to a group which is 
a set of certain devices or certain users, and also has 
10 affixed an electronic signature of an issuer; 

and wherein said data processing requested device 
executes : 

a verification processing step for the received group 
attribute certificate ; 
15 a step for determining whether or not said data 

processing requesting device has data processing requesting 
privileges based on said verification; and 

a step for executing data processing based on 
determination of privileges. 

20 

64, A data processing method according to Claim 63, 
wherein the group attribute certificate stored in said data 
processing requesting device has as the issuer thereof the 
data processing requested device, and has affixed the 
25 electronic signature of the data processing requested 
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device; 

and wherein, in said verification processing step at 
said data processing requested device, electronic signature 
verification processing applying a public key of itself is 
5 executed, as verification processing of the received group 
attribute certificate . 

65. A data processing method according to Claim 63, 
wherein all of said mutually communicable plurality of 

10 devices are devices which mutually request data processing 
of the other device with which communication is being made, 
with each of the devices having a configuration storing the 
group attribute certificate issued by the communication 
party device and transmitting the group attribute 

15 certificate stored in itself at the time of data processing 

requesting of the other device with which communication is , 

V 

being made, and under the condition of verification being 
established at the receiving device, processing 
corresponding to the data processing request is mutually 
2 0 executed. 

66. A data processing method according to Claim 63, 
wherein all of said mutually communicable plurality of 
devices have security chips with anti-tampering 

25 configurations, with mutual authentication being executed 
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between the mutual security chips at the time of data 
processing requesting of the other device with which 
communication is being made, and wherein, under the 
condition that mutual authentication has been established, 
5 said transmission of group attribute certificates between 
the devices, and verification of the transmitted group 
attribute certificates, is executed. 

67. A data processing method according to Claim 63, 

10 further comprising an issuing processing step for the group 

attribute certificate stored in the data processing 

requesting device; 

said issuing processing step being executed under the 

condition that mutual authentication has been established 
15 between the data processing requesting device and the data 

processing requested device. 

68. A data processing method according to Claim 63, 
further comprising an issuing processing step for the group 

20 attribute certificate stored in the data processing 
requesting device; 

wherein, in the event that said group attribute 
certificate is issued to members making up a certain user 
group, said issuing processing step is executed under the 

25 condition that mutual authentication is established with a 
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user identification device having individual identification 
functions making of the data processing requesting device, 

69. A data processing method according to Claim 63, 
5 wherein, of said mutually communicable plurality of devices, 
one is a maintenance executing device for executing 
maintenance processing for devices, and wherein the other 
devices are service receiving device which receive the 
maintenance service from said maintenance executing device, 
10 said method comprising: 

a step for said service receiving device to transmit to 
said maintenance executing device a service attribute 
certificate which is a group attribute certificate issued by 
said maintenance executing device; 
15 a service attribute certificate verification step for 

said maintenance executing device to execute verification of , 

V 

the received service attribute certificate; 

a step for said maintenance executing device to 
transmit to said service receiving device a control 
20 attribute certificate which is a group attribute certificate 
issued by said service receiving device; 

a control attribute certificate verification step for 
said service receiving device to execute verification of 
said control attribute certificate; and 
25 a maintenance processing step for executing maintenance 
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processing under the condition that both verification of 
said service attribute certificate verification and said 
control attribute certificate verification have been 
established. 

5 

70. A data processing method according to Claim 69, 
wherein a maintenance program executed at said service 
receiving device is transmitted to or stored in said service 
receiving device as an enciphered maintenance program; 

10 and wherein said service receiving device is of a 

configuration for deciphering said enciphered maintenance 
program within a security chip having an anti-tampering 
configuration, and then executing on said service receiving 
device . 

15 

71. A data processing method according to Claim 69, 
wherein maintenance processing executed at said service 
receiving device is executed based on commands transmitted 
from said maintenance executing device to said service 

2 0 receiving device; 

and wherein said service receiving device transmits a 
response to said maintenance executing device for the 
execution results of said commands, and said maintenance 
executing device executes transmission of new commands to 

25 said service receiving device based on the transmitted 
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response - 

72. A data processing method for executing data 
processing based on data processing requests from a data 
5 processing requesting device, said method comprising: 

a data reception step for receiving from said data 

( 

processing requesting device a group attribute certificate 
which has, as stored information, group identification 
information corresponding to a group which is a set of 

10 certain devices or certain users and also has affixed an 
electronic signature of an issuer; 

a privilege determining processing step for executing 
verification processing of the received group attribute 
certificate, and determining whether or not said data 

15 processing requesting device has data processing requesting 
privileges based on said verification; and 

a data processing step for executing data processing 
based on determination of privileges. 

2 0 73. A data processing method according to Claim 72, 

wherein said privilege determining processing step includes 
a step for executing electronic signature verification 
processing applying a public key of itself, as verification 
processing of the received group attribute certificate. 



25 
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74. A data processing method according to Claim 72, 
further comprising a step for executing mutual 
authentication with the data processing requesting device in 
response to a data processing request from the data 

5 processing requesting device; 

and wherein said privilege determining processing step 
executes verification of the group attribute certificate, 
under the condition that mutual authentication has been 
established. 

10 

75. A computer program for effecting execution of data 
processing based on data processing requests from a data 
processing requesting device, said program comprising: 

a data reception step for receiving from said data 
15 processing requesting device a group attribute certificate 
which has, as stored information, group identification 
information corresponding to a group which is a set of 
certain devices or certain users and also has affixed an 
electronic signature of an issuer; 
20 a privilege determining processing step for executing 

verification processing of the received group attribute 
certificate, and determining whether or not said data 
processing requesting device has data processing requesting 
privileges based on said verification; and 
25 a data processing step for executing data processing 
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based on determination of privileges . 



